W32/Sdbot-XP is a worm which attempts to spread to remote network shares. It also contains Trojan functionality, allowing unauthorised remote access to the infected computer.
W32/Sdbot-XP moves itself to the Windows system folder as msnmsgr.exe and creates entries in the registry so as to run itself on system startup.
W32/Mytob-BT is a mass-mailing worm and backdoor Trojan that can be controlled through the Internet Relay Chat (IRC) network.
W32/Mytob-BT is capable of spreading through email and through various operating system vulnerabilities such as LSASS (MS04-011). The patch for the operating system vulnerability exploited by W32/Mytob-BT can be obtained from the Microsoft website link below:
The worm also drops a file called hellmsn.exe (detected by Sophos as W32/Mytob-D) in the root folder. This component attempts to spread the worm by sending the aforementioned SCR files through Windows Messenger to all online contacts.